Tycoon 2FA Attacking Microsoft 365 AND Google Users To Bypass MFA

Tycoon 2FA, a recently emerged Phishing-as-a-Service (PhaaS) platform, targets Microsoft 365 and Gmail accounts, which leverage an Adversary-in-the-Middle (AitM) technique to steal user session cookies, bypassing multi-factor authentication (MFA) protections.  By acting as an intermediary between the user and the legitimate login page, Tycoon 2FA captures cookies that grant attackers unauthorized access to compromised accounts … Continue reading Tycoon 2FA Attacking Microsoft 365 AND Google Users To Bypass MFA